Slmgr.vbs Options

Because of WMI changes in Windows 7 and Windows Server 2008 R2, the Slmgr.vbs script is not intended to work across platforms. Using Slmgr.vbs to manage a Windows 7 or Windows Server 2008 R2 system from the Windows Vista® operating system is not supported. Attempting to manage a down-level system from Windows 7 or Windows Server 2008 R2 will generate a specific version mismatch error. For example, running cscript slmgr.vbs <vista_machine_name> /dlv produces the following output:

Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.
The remote machine does not support this version of SLMgr.vbs

To manage remote clients, use the Volume Activation Management Tool (VAMT) version 1.2 or later, or create custom WMI scripts that are aware of the differences between platforms. For more information about WMI properties and methods for Volume Activation, see the section, “WMI Properties and Methods,” later in this reference guide.

The following describes the syntax of the Slmgr.vbs script, and Table 2 describes each command-line option:

For systems with a Generic Volume License Key (GVLK) installed, this prompts an attempt at KMS activation. Systems that have been set to suspend automatic KMS activation attempts (/stao) still attempt KMS activation when /ato is run.

The parameter [Activation ID] expands /ato support to identify a Windows edition installed on the computer. Specifying the [Activation ID] parameter isolates the effects of the option to the edition associated with that Activation ID. Run Slmgr.vbs /dlv all to get the Activation IDs for the installed version of Windows. If you need to support other applications, see the guidance provided by that application for further instruction.

KMS activation does not require elevated privileges. However, online activation does require elevation, or the Standard User Operations registry value must be set to allow unprivileged users extra access to the Software Protection Service.

/dli [Activation ID | All]

Display license information.

By default, /dli displays the license information for the installed active Windows edition. Specifying the [Activation ID] parameter displays the license information for the specified edition associated with that Activation ID. Specifying the [All] as the parameter will display all applicable installed products’ license information.

Display the activation expiration date for the product. By default, this refers to the current Windows edition and is primarily useful for KMS clients, because MAK and retail activation is perpetual.

Specifying the [Activation ID] parameter displays the activation expiration date of the specified edition associated with that Activation ID.

This operation does not require elevated privileges.

Advanced options

/cpky

Some servicing operations require the product key to be available in the registry during Out-of-Box Experience (OOBE) operations. The /cpky option removes the product key from the registry to prevent this key from being stolen by malicious code.

For retail installations that deploy keys, best practices recommend running this option. This option is not required for MAK and KMS host keys, because this is the default behavior for those keys. This option is only needed for other types of keys where the default behavior is not to clear the key from the registry.

This operation must be run from an elevated command prompt.

/ilc <license_file>

This option installs the license file specified by the required parameter. These licenses may be installed as a troubleshooting measure, to support token-based activation, or as part of a manual installation of an on-boarded application.

Licenses are not validated during this process: License validation is out of scope for Slmgr. Instead, validation is handled by the Software Protection Service at runtime.

This operation must be run from an elevated command prompt, or the Standard User Operations registry value must be set to allow unprivileged users extra access to the Software Protection Service.

/rilc

This option reinstalls all licenses stored in %SystemRoot%\system32\oem and %SystemRoot%\System32\spp\tokens. These are “known-good” copies stored during installation.

This operation must be run from an elevated command prompt, or the Standard User Operations registry value must be set to allow unprivileged users extra access to the Software Protection Service.

/rearm

This option resets the activation timers. The /rearm process is also called by sysprep /generalize.

This operation will do nothing if the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\SkipRearm registry subkey is equal to 1. See the section “Registry Settings,” later in this guide, for details on this registry subkey.

This operation must be run from an elevated command prompt, or the Standard User Operations registry value must be set to allow unprivileged users extra access to the Software Protection Service.

/upk [ActivationID]

This option uninstalls the product key of the current Windows edition. After a restart, the system will be in an Unlicensed state unless a new product key is installed.

Optionally, you can use the [Activation ID] parameter to specify a different installed product.

This operation must be run from an elevated command prompt.

Volume Licensing: KMS client options

/skms Name[:Port] | : port [Activation ID] [Activation ID]

This option specifies the name and, optionally, the port of the KMS host computer to contact. Setting this value disables auto-detection of the KMS host.

If the KMS host uses Internet Protocol version 6 (IPv6) only, the address must be specified in the format [hostname]:port. IPv6 addresses contain colons (:), which will be misparsed by the Slmgr.vbs script.

This operation must be run from an elevated command prompt.

/ckms [Activation ID]

This option removes the specified KMS host name, address, and port information from the registry and restores KMS auto-discovery behavior.

This operation must be run from an elevated command prompt.

/skhc

This option enables KMS host caching (default), which blocks the use of Domain Name System (DNS) priority and weight after the initial discovery of a working KMS host. If the system can no longer contact the working KMS host, discovery will be attempted again.

This operation must be run from an elevated command prompt.

/ckhc

This option disables KMS host caching. This setting instructs the client to use DNS auto-discovery each time it attempts KMS activation (recommended when using priority and weight).

This operation must be run from an elevated command prompt.

KMS host configuration

/sai <interval>

This option sets the interval in minutes for unactivated clients to attempt KMS connection. The activation interval must be between 15 minutes and 30 days, although the default (2 hours) is recommended.

The KMS client initially picks up this interval from registry but switches to the KMS setting after it receives the first KMS response.

This operation must be run from an elevated command prompt.

/sri <interval>

This option sets the renewal interval in minutes for activated clients to attempt KMS connection. The renewal interval must be between 15 minutes and 30 days. This option is set initially on both the KMS server and client sides. The default is 10080 minutes (7 days).

The KMS client initially picks up this interval from the registry but switches to the KMS setting after it receives the first KMS response.

This operation must be run from an elevated command prompt.

/sprt <port>

This option sets the port on which the KMS host listens for client activation requests. The default TCP port is 1688.

This operation must be run from an elevated command prompt.

/sdns

Enable DNS publishing by the KMS host (default).

This operation must be run from an elevated command prompt.

/cdns

Disable DNS publishing by the KMS host.

This operation must be run from an elevated command prompt.

/spri

Set the KMS priority to normal (default).

This operation must be run from an elevated command prompt.

/cpri

Set the KMS priority to low.

Use this option to minimize contention from KMS in a co-hosted environment. Note that this could lead to KMS starvation, depending on what other applications or server roles are active. Use with care.

This operation must be run from an elevated command prompt.

Token-based activation configuration

/lil

List the installed token-based activation issuance licenses.

/ril <ILID> <ILvID>

Remove an installed token-based activation issuance license.

This operation must be run from an elevated command prompt.

/stao

Set the Token-based Activation Only flag, disabling automatic KMS activation.

Force token-based activation using the identified certificate. The optional personal identification number (PIN) is provided to unlock the private key without a PIN prompt when using certificates that are protected by hardware (for example, smart cards).